/*
 * The Initial Developer of the Original Code is International
 * Business Machines Corporation. Portions created by IBM
 * Corporation are Copyright (C) 2005 International Business
 * Machines Corporation. All Rights Reserved.
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the Common Public License as published by
 * IBM Corporation; either version 1 of the License, or (at your option)
 * any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * Common Public License for more details.
 *
 * You should have received a copy of the Common Public License
 * along with this program; if not, a copy can be viewed at
 * http://www.opensource.org/licenses/cpl1.0.php.
 */

#ifndef _TPM_SPECIFIC_H_
#define _TPM_SPECIFIC_H_

#include <openssl/rsa.h>

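/*
 * TSS key-flag helpers.
 *
 * Each helper masks its argument, so the argument is parenthesized. Without
 * the parentheses an expression argument such as `a | b` expands to
 * `a | (b & MASK)` and the bits of `a` outside the mask leak through, which
 * matters when the result drives a key-type or migratability decision.
 */
#define TPMTOK_TSS_KEY_TYPE_MASK	0x000000F0
#define TPMTOK_TSS_KEY_TYPE(x)		((x) & TPMTOK_TSS_KEY_TYPE_MASK)
/* TSS_KEY_MIGRATABLE is not defined in this header; it must be in scope
 * wherever this macro is expanded. */
#define TPMTOK_TSS_KEY_MIG_TYPE(x)	((x) & TSS_KEY_MIGRATABLE)

/*
 * TPMTOK_TSS_ERROR_CODE() keeps only the low 12 bits of a result value.
 * NOTE(review): the upper bits presumably identify the TSS layer that raised
 * the error; code that compares only the masked value discards that
 * information. Confirm at the call sites.
 */
#define TPMTOK_TSS_MAX_ERROR		0x00000FFF
#define TPMTOK_TSS_ERROR_CODE(x)	((x) & TPMTOK_TSS_MAX_ERROR)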

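/* key types in the TPM token */
#define TPMTOK_PRIVATE_ROOT_KEY	1
#define TPMTOK_PRIVATE_LEAF_KEY	2
#define TPMTOK_PUBLIC_ROOT_KEY	3
#define TPMTOK_PUBLIC_LEAF_KEY	4

/* key identifiers for the PKCS#11 objects */
#define TPMTOK_PRIVATE_ROOT_KEY_ID	"PRIVATE ROOT KEY"
#define TPMTOK_PRIVATE_LEAF_KEY_ID	"PRIVATE LEAF KEY"
#define TPMTOK_PUBLIC_ROOT_KEY_ID	"PUBLIC ROOT KEY"
#define TPMTOK_PUBLIC_LEAF_KEY_ID	"PUBLIC LEAF KEY"

/*
 * Identifier lengths in bytes, excluding the terminating NUL.
 *
 * Computed with sizeof on the literal rather than strlen(): the value is the
 * same, but it is a compile-time constant, it cannot drift from the string it
 * measures, and the header no longer depends on the includer having pulled in
 * <string.h>.
 */
#define TPMTOK_PRIVATE_ROOT_KEY_ID_SIZE	(sizeof(TPMTOK_PRIVATE_ROOT_KEY_ID) - 1)
#define TPMTOK_PRIVATE_LEAF_KEY_ID_SIZE	(sizeof(TPMTOK_PRIVATE_LEAF_KEY_ID) - 1)
#define TPMTOK_PUBLIC_ROOT_KEY_ID_SIZE	(sizeof(TPMTOK_PUBLIC_ROOT_KEY_ID) - 1)
#define TPMTOK_PUBLIC_LEAF_KEY_ID_SIZE	(sizeof(TPMTOK_PUBLIC_LEAF_KEY_ID) - 1)

/*
 * File names for the root key pair (the suffix indicates PEM encoding).
 * NOTE(review): the directory, the file mode and whether the private file is
 * written encrypted are decided by the code that opens these names, not here.
 * The private key file should be readable by its owner only; confirm against
 * openssl_write_key() and util_set_file_mode().
 */
#define TPMTOK_PUB_ROOT_KEY_FILE	"PUBLIC_ROOT_KEY.pem"
#define TPMTOK_PRIV_ROOT_KEY_FILE	"PRIVATE_ROOT_KEY.pem"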

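/*
 * TPM token specific return codes, allocated in the vendor-defined range.
 * CKR_VENDOR_DEFINED is not defined in this header and must be in scope
 * wherever these macros are expanded.
 *
 * The sums are parenthesized so each code expands as a single value. Left
 * bare, an expression such as `CKR_FILE_NOT_FOUND - CKR_KEY_NOT_FOUND` or
 * `rc % CKR_KEY_NOT_FOUND` regroups around the `+` and yields a different
 * number, which can turn an error path into an apparent success.
 */
#define CKR_KEY_NOT_FOUND	(CKR_VENDOR_DEFINED + 0x0f000000)
#define CKR_FILE_NOT_FOUND	(CKR_VENDOR_DEFINED + 0x0f000001)

/* NOTE(review): presumably the name under which the private master key is
 * stored; its use is not visible in this header. Confirm in the callers. */
#define TPMTOK_MASTERKEY_PRIVATE	"MK_PRIVATE"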

/*
 * DEBUG_openssl_print_errors() forwards to openssl_print_errors() when DEBUG
 * is defined. In every other build it expands to nothing, so the call site
 * compiles down to an empty statement and no OpenSSL error text is emitted.
 */
#ifndef DEBUG
#define DEBUG_openssl_print_errors()
#else
#define DEBUG_openssl_print_errors()    openssl_print_errors()
#endif

/* how many times software RSA key generation is retried */
#define KEYGEN_RETRY    5

/*
 * Helper prototypes. The definitions are not in this header, so the notes
 * below are limited to what the signatures show; anything further is marked
 * for confirmation.
 *
 * CK_BYTE, CK_RV, CK_ULONG, TEMPLATE and mode_t are not declared here: the
 * including file must provide them before this header is included.
 */

/* Returns an OpenSSL RSA key object. Presumably generates a software RSA key
 * (see KEYGEN_RETRY) and returns NULL on failure; confirm. Declared with an
 * empty parameter list, so the compiler does not check call arguments. */
RSA *openssl_gen_key();
/* NOTE(review): presumably writes the key to the named file, with the CK_BYTE
 * buffer as the PIN/passphrase. Confirm that a private key is written
 * encrypted and that the file mode is restricted before key material reaches
 * the disk. */
int openssl_write_key(RSA *, char *, CK_BYTE *);
/* Counterpart of openssl_write_key(): yields an RSA object through the last
 * parameter and reports status as a CK_RV. Presumably takes the file name
 * and passphrase; confirm. */
CK_RV openssl_read_key(char *, CK_BYTE *, RSA **);
/* NOTE(review): the two (unsigned int *, unsigned char *) pairs look like
 * in/out length plus output buffer for the modulus and one prime. Confirm
 * that the callee checks the caller's buffer size before copying. */
int openssl_get_modulus_and_prime(RSA *, unsigned int *, unsigned char *, unsigned int *, unsigned char *);
/* Takes a path and a mode_t; presumably applies that mode to the file. */
int util_set_file_mode(char *, mode_t);
/* Returns a CK_BYTE buffer for the given integer, presumably one of the
 * TPMTOK_*_KEY type constants mapped to its *_KEY_ID string. Ownership of
 * the returned buffer is not visible here; confirm who frees it. */
CK_BYTE *util_create_id(int);
/* Stores a string through the char ** argument; presumably the current
 * user's name. Ownership of the stored string is not visible here. */
CK_RV util_set_username(char **);
/* Maps a CK_ULONG to an unsigned int flag; presumably a key size to the
 * matching TSS key-size flag. */
unsigned int util_get_keysize_flag(CK_ULONG);
/* Inspects a TEMPLATE and returns a CK_ULONG; presumably validates the
 * requested RSA public exponent. Confirm which values are accepted. */
CK_ULONG util_check_public_exponent(TEMPLATE *);

/*
 * Zero-valued sentinels, one per handle kind. The names suggest TSS key,
 * encrypted-data, policy, context and PCR-composite handles; presumably they
 * mark "no handle" so that stale handles can be reset and detected. Confirm
 * that every handle is set back to its sentinel once closed.
 */
#define NULL_HKEY	0
#define NULL_HENCDATA	0
#define NULL_HPOLICY	0
#define NULL_HCONTEXT	0
#define NULL_HPCRS	0

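/* CKA_ENC_AUTHDATA will be used to store the encrypted SHA-1 hashes of auth data
 * passed in for TPM keys. The authdata will be encrypted using either the public
 * leaf key or the private leaf key.
 *
 * NOTE(review): the attribute holds password-derived material, so it should be
 * treated as sensitive (never returned in clear, never logged). SHA-1 is
 * presumably imposed by the TPM authorization-data format rather than chosen
 * here; confirm before changing it.
 *
 * The sum is parenthesized so the attribute type expands as a single value
 * when it is used with operators that bind tighter than `+`.
 * CKA_VENDOR_DEFINED is not defined in this header and must be in scope
 * wherever the macro is expanded. */
#define CKA_ENC_AUTHDATA        (CKA_VENDOR_DEFINED + 0x01000001)

/* Master key size; AES_KEY_SIZE_256 is defined outside this header. */
#define MK_SIZE (AES_KEY_SIZE_256)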

/*
 * LOG(priority, fmt, ...): write one syslog record prefixed with __FILE__.
 *
 * - fmt is pasted onto the "%s " literal, so it has to be a string literal
 *   itself. Passing a runtime string as fmt does not compile, which keeps
 *   externally supplied text out of the format position. Such text must be
 *   passed as an argument to a "%s" conversion instead.
 * - Do not pass PINs, auth data or key material as arguments: syslog records
 *   are typically readable by other accounts and forwarded off-host.
 * - openlog() runs on every invocation with ident "openCryptoki(TPM)" and
 *   facility LOG_USER. NOTE(review): syslog state is per process, so inside a
 *   shared library this presumably also changes the ident the host
 *   application logs under; confirm whether that is intended.
 * - `##__VA_ARGS__` is a GNU extension, and <syslog.h> must be included by
 *   the user of this header.
 */
#define LOG(priority, fmt, ...) \
        do { \
                openlog("openCryptoki(TPM)", LOG_NDELAY|LOG_PID, LOG_USER); \
                syslog(priority, "%s " fmt, __FILE__, ##__VA_ARGS__); \
        } while (0)

#endif
